SSH and FRR Question
-
Hi All,
I installed FRR package in my PFSense. I want to create a new user to manage FRR through SSH directly. Can I create user account who can login the vtysh console directly? Also it cannot control the Pfsense bash shell.
Thanks,
Tom -
No, I don't believe that's possible. If the user has sufficient privileges to access vtysh they will be able to access pfSense.
At least using the built in user priviledge management.I guess I could imagine a user who's default shell spawned vtysh.... It would probably be relatively easy to escape though.
Steve